Sign-up

ID

VAR-202105-0694


CVE

CVE-2021-27397


TITLE

Siemens Tecnomatix Plant Simulation SPP File Parsing Memory Corruption Remote Code Execution Vulnerability

Trust: 0.7

sources: ZDI: ZDI-21-569

DESCRIPTION

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V16.0.5). The PlantSimCore.dll library lacks proper validation of user-supplied data when parsing SPP files. This could result in a memory corruption condition. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13287). This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Tecnomatix Plant Simulation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of SPP files. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements

Trust: 2.16

sources: NVD: CVE-2021-27397 // ZDI: ZDI-21-569 // CNNVD: CNNVD-202104-975 // VULMON: CVE-2021-27397

AFFECTED PRODUCTS

vendor:siemensmodel:tecnomatix plant simulationscope:ltversion:16.0.5

Trust: 1.0

vendor:siemensmodel:tecnomatix plant simulationscope: - version: -

Trust: 0.7

sources: ZDI: ZDI-21-569 // NVD: CVE-2021-27397

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-27397
value: HIGH

Trust: 1.0

ZDI: CVE-2021-27397
value: HIGH

Trust: 0.7

CNNVD: CNNVD-202105-636
value: HIGH

Trust: 0.6

CNNVD: CNNVD-202104-975
value: MEDIUM

Trust: 0.6

VULMON: CVE-2021-27397
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2021-27397
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

nvd@nist.gov: CVE-2021-27397
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

ZDI: CVE-2021-27397
baseSeverity: HIGH
baseScore: 7.8
vectorString: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.0

Trust: 0.7

sources: ZDI: ZDI-21-569 // VULMON: CVE-2021-27397 // CNNVD: CNNVD-202105-636 // CNNVD: CNNVD-202104-975 // NVD: CVE-2021-27397

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.0

problemtype:CWE-787

Trust: 1.0

sources: NVD: CVE-2021-27397

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202105-636

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202105-636

PATCH

title: - url:https://us-cert.cisa.gov/ics/advisories/icsa-21-131-08https://cert-portal.siemens.com/productcert/pdf/ssa-983548.pdf

Trust: 0.7

title:Siemens Tecnomatix Plant Simulation Buffer error vulnerability fixurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=150064

Trust: 0.6

title:Siemens Security Advisories: Siemens Security Advisoryurl:https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=07762e4ee064e79fff01009b67f62a17

Trust: 0.1

sources: ZDI: ZDI-21-569 // VULMON: CVE-2021-27397 // CNNVD: CNNVD-202105-636

EXTERNAL IDS

db:NVDid:CVE-2021-27397

Trust: 2.4

db:ZDIid:ZDI-21-569

Trust: 2.4

db:SIEMENSid:SSA-983548

Trust: 1.7

db:ZDI_CANid:ZDI-CAN-13287

Trust: 0.7

db:CS-HELPid:SB2021051207

Trust: 0.6

db:AUSCERTid:ESB-2021.1600

Trust: 0.6

db:ICS CERTid:ICSA-21-131-08

Trust: 0.6

db:CNNVDid:CNNVD-202105-636

Trust: 0.6

db:CS-HELPid:SB2021041363

Trust: 0.6

db:CNNVDid:CNNVD-202104-975

Trust: 0.6

db:VULMONid:CVE-2021-27397

Trust: 0.1

sources: ZDI: ZDI-21-569 // VULMON: CVE-2021-27397 // CNNVD: CNNVD-202105-636 // CNNVD: CNNVD-202104-975 // NVD: CVE-2021-27397

REFERENCES

url:https://www.zerodayinitiative.com/advisories/zdi-21-569/

Trust: 2.4

url:https://cert-portal.siemens.com/productcert/pdf/ssa-983548.pdf

Trust: 1.7

url:https://us-cert.cisa.gov/ics/advisories/icsa-21-131-08https://cert-portal.siemens.com/productcert/pdf/ssa-983548.pdf

Trust: 0.7

url:https://us-cert.cisa.gov/ics/advisories/icsa-21-131-08

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.1600

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021051207

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021041363

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/119.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://cert-portal.siemens.com/productcert/txt/ssa-983548.txt

Trust: 0.1

sources: ZDI: ZDI-21-569 // VULMON: CVE-2021-27397 // CNNVD: CNNVD-202105-636 // CNNVD: CNNVD-202104-975 // NVD: CVE-2021-27397

CREDITS

Francis Provencher {PRL}

Trust: 0.7

sources: ZDI: ZDI-21-569

SOURCES

db:ZDIid:ZDI-21-569
db:VULMONid:CVE-2021-27397
db:CNNVDid:CNNVD-202105-636
db:CNNVDid:CNNVD-202104-975
db:NVDid:CVE-2021-27397

LAST UPDATE DATE

2024-08-14T12:55:25.947000+00:00


SOURCES UPDATE DATE

db:ZDIid:ZDI-21-569date:2021-05-13T00:00:00
db:VULMONid:CVE-2021-27397date:2021-05-19T00:00:00
db:CNNVDid:CNNVD-202105-636date:2022-04-26T00:00:00
db:CNNVDid:CNNVD-202104-975date:2021-04-14T00:00:00
db:NVDid:CVE-2021-27397date:2022-04-25T20:03:11.430

SOURCES RELEASE DATE

db:ZDIid:ZDI-21-569date:2021-05-13T00:00:00
db:VULMONid:CVE-2021-27397date:2021-05-12T00:00:00
db:CNNVDid:CNNVD-202105-636date:2021-05-11T00:00:00
db:CNNVDid:CNNVD-202104-975date:2021-04-13T00:00:00
db:NVDid:CVE-2021-27397date:2021-05-12T14:15:11.853